Integer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57 might allow remote attackers to execute arbitrary code via an Oktalyzer file that triggers a heap-based buffer overflow.
Max CVSS
9.3
EPSS Score
9.08%
Published
2009-12-18
Updated
2018-10-10
Heap-based buffer overflow in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via an Ultratracker file.
Max CVSS
9.3
EPSS Score
19.02%
Published
2009-12-18
Updated
2018-10-10
Multiple heap-based buffer overflows in IN_MOD.DLL (aka the Module Decoder Plug-in) in Winamp before 5.57, and libmikmod 3.1.12, might allow remote attackers to execute arbitrary code via (1) crafted samples or (2) crafted instrument definitions in an Impulse Tracker file. NOTE: some of these details are obtained from third party information.
Max CVSS
9.3
EPSS Score
19.73%
Published
2009-12-18
Updated
2018-10-10
CVE-2009-1831
Public exploit
The Nullsoft Modern Skins Support module (gen_ff.dll) in Nullsoft Winamp before 5.552 allows remote attackers to execute arbitrary code via a crafted MAKI file, which triggers an incorrect sign extension, an integer overflow, and a stack-based buffer overflow.
Max CVSS
9.3
EPSS Score
95.32%
Published
2009-05-29
Updated
2017-09-29
Multiple buffer overflows in Winamp 5.541 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a large Common Chunk (COMM) header value in an AIFF file and (2) a large invalid value in an MP3 file.
Max CVSS
10.0
EPSS Score
90.84%
Published
2009-01-23
Updated
2017-10-19
5 vulnerabilities found